Commit Graph

117 Commits (2a1b797e174d8140932e2895d19203c121d919eb)
 

Author SHA1 Message Date
Jonathan Daggerhart 2a1b797e17 fixing composer.json for packagist
Jonathan Daggerhart 64a4676c88 trailing comma in json
Jonathan Daggerhart ef6fac4e41 version update along with readmes. new composer.json to place on packagist
Raphaël Droz f3096b6f14 fix a notice: If using traditional login, $token_response may be empty ()
fix a 404: In Bedrock-like layout configuration, $redirect_url === 'wp-login.php?loggedout=true'
 (which work for local redirection). But canonicalization should take into account the additional /wp/
 prefix. site_url() does meanwhile home_url() does not.
Raphaël Droz f9c076a5c0 hook: ability to filter claim and derived user data ()
Raphaël Droz 6263bee23b google provider: do not attempt to use their not-compliant /revoke endpoint ()
Raphaël Droz 58c8b7ac9a disconnect hook: get user meta from information provided by filter parameters ()
Raphaël Droz d0b79313c2 fixed a notice when cookie does not contain expected redirect_url ()
Raphaël Droz 756c3c05a1 Translit names' special characters ()
When nickname is generated from a full name, intent to translit them to ascii instead of stripping special characters.
Antti Leppä 56bd5718e6 Feature state time limit option ()
* Added an option for state time limit on the settings page
Jonathan Daggerhart 6bc53f96d4 some readme and metadata updates for plugin repo
Jonathan Daggerhart 9bf826c704
Merge pull request from daggerhart/timeout
removed generic wp filter used for request timeout
Jonathan Daggerhart a99280600a removed generic wp filter used for request timeout
Jonathan Daggerhart c098e9da30
Merge pull request from daggerhart/prefix
Prefixes for better autoloading
Jonathan Daggerhart 326efbb416 prefixing generic classes with oidcg comment class names. adjusting autoloading to look for the standardized prefix.
Jonathan Daggerhart 6f077c932a incrementing to 3.3.x, updating readmes and changelog
Jonathan Daggerhart e02e455965
Merge pull request from dirtsimple/wp_tokens
Simplify refresh/logout handling (to fix , , and )
Jonathan Daggerhart e541a9f3b4 updating version
PJ Eby b14554e8fe WP still supports PHP 5.2.4 :(
PJ Eby 662e9fb25b Track refresh token expiration (fixes )
PJ Eby caf1324499 Defer logouts to after all WP plugins initialize
PJ Eby 134d0116b8 Drop unnecessary user_meta keys
PJ Eby 7879835b49 Store refresh token in sessions, instead of a cookie
Jonathan Daggerhart 06ed9dfdd8
Exit after issuing a redirect
Terminate authentication_request_callback() after execution
Related issue: 
Sven van Hal 3869aa0fde
Terminate authentication_request_callback() after execution
Jonathan Daggerhart 08af84a851 readme and changelog updates. minor whitespace update.
Jonathan Daggerhart 3683cd3286 Merge pull request from daggerhart/redirect-on-logout-as-setting
New setting to determine if users should be redirected when session expires.
Jonathan Daggerhart fb119dec5f Add id_token_hint to end session logout redirect url
Thanks @skidos!
Jonathan Daggerhart c73d9f6956 new setting allows administrator to determine if users should be redirected when their acces token expires.
skidos 059d672de2 Update openid-connect-generic-client-wrapper.php
Add id_token_hint to end session logout redirect url 
http://openid.net/specs/openid-connect-session-1_0.html#RPLogout
Jonathan Daggerhart cdf2629aa3 Merge pull request from robbiepaul/dev
Authentication URL can be modified
Robbie Paul 69a431793f Authentication URL can be modified
Some OpenID Connect providers offer additional functionality by adding
query params to the authentication URL

For example with Azure Active Directory if you pass in
`&domain_hint=REALM` you can customise the way the login screen looks
with your corporate logo etc
Jonathan Daggerhart b64fab27be breaking out changelog into its own file, providing attribution to users that have helped with issues and prs
Jonathan Daggerhart 814a7e6ca7 Merge pull request from robbiepaul/dev
Calls the wp_login action at the end of the login flow
Robbie Paul 82162ec753 Escape the error message
* This commit prevents a possible reflected XSS
Robbie Paul 672d7292e2 Include wp_login action after auth cookie is set
* Many plugins will hook in to this action, it should be at the end of any
  WordPress login flow
* See: https://core.trac.wordpress.org/browser/tags/4.7.3/src/wp-includes/user.php#L104
Jonathan Daggerhart b8ad2dd560 updating version and readmes
Jonathan Daggerhart 61c549189c adding port to the request headers per issue
Jonathan Daggerhart 14133138a7 some method annotation corrections, and minor settings page typoes
Jonathan Daggerhart 54c43eb2b9 Merge pull request from opencollector/moriyoshi/more-flexible-identity-settings
More flexible identity settings.
Moriyoshi Koizumi 0bbfc3437f More flexible identity settings.
Jonathan Daggerhart e723799397 updating change log with new reverse proxy support feature
Jonathan Daggerhart 4866765768 Merge pull request from ahatherly/master
Set the Host header on http requests to openid-connect endpoint
Adam Hatherly 2281246816 Set the Host header on http requests to openid-connect endpoint so it works behind a reverse proxy
Jonathan Daggerhart e7f390477c fixing error on php 5.4
Jonathan Daggerhart e4b1340dff updating readmes for alternate redirect_uri
Jonathan Daggerhart 14d0ec44f6 Allow for the use of an alternate authentication route (redirect_uri) as opposed to the default admin-ajax method
Jonathan Daggerhart 0dc448fee5 clean up autoloader, default settings values, and validate refresh token result before attempting response
Jonathan Daggerhart aafb5f7a2c minor logger and settings page documentation improvements
Jonathan Daggerhart 6e9790c221 adding comments on new functions